Unrestricted file upload

Unrestricted file upload vulnerability in VidSharePro allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors...

CVE-2009-1750

Unrestricted file upload vulnerability in VidSharePro allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors...

CVE-2009-0156

Launch Services in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to cause a denial of service persistent Finder crash via a crafted Mach-O executable that triggers an out-of-bounds memory read...

CastRipper 2.50.70 (.m3u) Universal Stack Overflow Exploit

No description provided by source. !/usr/bin/perl CastRipper 2.50.70 .m3u Universal Stack Overflow Exploit Exploited By Stack first exploiter :d http://www.milw0rm.com/exploits/8660 bien jouer :d frero my $shellcode = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49"...

CastRipper 2.50.70 .M3U Universal Stack Overflow

!/usr/bin/perl CastRipper 2.50.70 .m3u Universal Stack Overflow Exploit Exploited By Stack first exploiter :d http://www.milw0rm.com/exploits/8660 bien jouer :d frero my $shellcode = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49"...

CVE-2008-6806

Unrestricted file upload vulnerability in includes/imageupload.php in 7Shop 1.1 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/artikel/...

CastRipper 2.50.70 - .m3u Universal Stack Overflow

CastRipper 2.50.70 - .m3u Universal Stack Overflow !/usr/bin/perl CastRipper 2.50.70 .m3u Universal Stack Overflow Exploit Exploited By Stack first exploiter :d http://www.milw0rm.com/exploits/8660 bien jouer :d frero my $shellcode =...

CastRipper 2.50.70 (.m3u) Universal Stack Overflow Exploit

Exploit for unknown platform in category local exploits ========================================================== CastRipper 2.50.70 .m3u Universal Stack Overflow Exploit ========================================================== !/usr/bin/perl CastRipper 2.50.70 .m3u Universal Stack Overflow...

CVE-2009-1615

Unrestricted file upload vulnerability in Leap CMS 0.1.4 allows remote attackers to execute arbitrary code by uploading a file with an executable extension via an admin.system.files aka Manage Files request to the default URI, then accessing the file via a direct request...

Unrestricted file upload

Unrestricted file upload vulnerability in admin/uploadform.asp in Battle Blog 1.25 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file...

Windows 7 retains Windows Explorer security risk

From InformationWeek Thomas Claburn Windows 7 RC is now available, but Microsoft’s new operating system could use a bit more tinkering to improve security. Specifically, Windows Explorer provides a way to hide a file’s extension. Virus writers use this feature to disguise executable files as...

Unrestricted file upload

Unrestricted file upload vulnerability in Mini File Host 1.5 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, as demonstrated by creating a name.php file...

CVE-2008-6768

Unrestricted file upload vulnerability in admin/editor/images.php in K&S Shopsoftware allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/upload/...

CVE-2008-6769

Unrestricted file upload vulnerability in upload.php in YourPlace 1.0.2 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file...

Unrestricted file upload

Unrestricted file upload vulnerability in upload-file.php in Adam Patterson Studio Lounge Address Book 2.5, as reachable from index2.php, allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in...

CVE-2008-6769

Unrestricted file upload vulnerability in upload.php in YourPlace 1.0.2 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file...

kernel: exit_notify: kill the wrong capable(CAP_KILL) check

The exitnotify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAPKILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exitsignal field and then uses an exec system...

Unrestricted file upload

Unrestricted file upload vulnerability in admin/editor/image.php in e-cart.biz Free Shopping Cart allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/...

CVE-2009-1446

Unrestricted file upload vulnerability in upload.php in Elkagroup Image Gallery 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in gallery/pictures/. NOTE: some of these details ar...

Mandriva Linux Security Advisory : autofs (MDVSA-2008:009-1)

The default behaviour of autofs 5 for the hosts map did not specify the nosuid and nodev mount options. This could allow a local user with control of a remote NFS server to create a setuid root executable on the exported filesystem of the remote NFS server. If this filesystem was mounted with the...